Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Microsoft RDP flaws could allow sniffing and DOS(Q324380)

Information

Severity

Severity

Medium

Family

Family

Windows : Microsoft Bulletins

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

18 years ago

Modified

Modified

4 years ago

Summary

Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, and Remote Data Protocol (RDP) version 5.1 in Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command.

Affected Software

Affected Software

Microsoft Windows 2000 Microsoft Windows XP

Solution

Solution

The vendor has released updates. Please see the references for more information.

Common Vulnerabilities and Exposures (CVE)